No votes yet

!! Jolla1 NOT SUPPORTED !! (glibc-2.30)

Nscd caches name service lookups and can dramatically improve
performance with NIS+, and may help with DNS as well.

sha256sum filename:
8acff1f596f428b89dfa2a07e59f50d978df1d681f72b34d390c787d975e0f7b nscd-2.30+git11-0.9.4.armv7hl.rpm



Application versions: 
File nscd- KB10/03/2018 - 16:27
File nscd-2.30git7-8.armv7hl.rpm62.97 KB30/06/2021 - 21:40
File nscd-2.30git7-8.1.armv7hl.rpm62.96 KB05/08/2021 - 20:50
File nscd-2.30git7-8.2.armv7hl.rpm63.12 KB19/08/2021 - 20:01
File nscd-2.30git8-9.2.armv7hl.rpm63 KB04/02/2022 - 21:04
File nscd-2.30git8-9.3.armv7hl.rpm63.15 KB23/03/2022 - 03:03
File nscd-2.30git11-0.9.3.armv7hl.rpm63.02 KB05/04/2022 - 01:57
File nscd-2.30git11-0.9.4.armv7hl.rpm63.07 KB05/09/2022 - 21:33

!! Jolla1 NOT SUPPORTED !!

[25691] stdio: Remove memory leak from multibyte conversion
[29530] segfault in printf handling thousands separator
[26211] printf integer overflow calculating allocation size
[14231] stdio-common tests memory requirements
malloc: Simplify implementation of __malloc_assert

2.30+git11-0.9.3: disable-crypt

2.30+git8-9.3: fixes CVE-2016-10228

+bug24973-ee7a3144c9922808181009b7b3e50e852fb4999b.patch ( CVE-2019-25013 )
+bug22542-2.31-c4c833d3ddfc3420be71dd392655ec294ff8fc15.patch ( CVE-2022-23219 ) Fixes JB#57335
+bug28768-2.31-3ef8be9b89ef98300951741f381eb79126ac029f.patch ( CVE-2022-23218 ) Fixes JB#57362


Security related changes:
Fix an arbitrary read in wordexp() (CVE-2021-35942)

Security related changes:

CVE-2019-19126: ld.so failed to ignore the LD_PREFER_MAP_32BIT_EXEC
environment variable during program execution after a security
transition, allowing local attackers to restrict the possible mapping
addresses for loaded libraries and thus bypass ASLR for a setuid
program. Reported by Marcin Kościelnicki.

CVE-2020-10029: Trigonometric functions on x86 targets suffered from stack
corruption when they were passed a pseudo-zero argument. Reported by Guido
Vranken / ForAllSecure Mayhem.

CVE-2020-1751: A defect in the PowerPC backtrace function could cause an
out-of-bounds write when executed in a signal frame context.

CVE-2020-1752: A use-after-free vulnerability in the glob function when
expanding ~user has been fixed.

CVE-2020-29562: An assertion failure has been fixed in the iconv function
when invoked with UCS4 input containing an invalid character.

CVE-2021-33574: The mq_notify function has a potential use-after-free
issue when using a notification type of SIGEV_THREAD and a thread
attribute with a non-default affinity mask.

The following bugs are resolved with this release:

[20019] NULL pointer dereference in libc.so.6 IFUNC due to uninitialized GOT
[20543] Please move from .gnu.linkonce to comdat
[23296] Data race in setting function descriptor during lazy binding
[23518] login: Remove utmp backend jump tables
[24682] localedata: zh_CN first weekday should be Monday per GB/T
[24867] malloc: Remove unwanted leading whitespace in malloc_info
[24879] login: Disarm timer after utmp lock acquisition
[24880] login: Use struct flock64 in utmp
[24882] login: Acquire write lock early in pututline
[24986] alpha: new getegid, geteuid and getppid syscalls used
[24899] login: Add nonstring attributes to struct utmp, struct utmpx
[24902] login: pututxline could fail to overwrite existing entries
[25066] FAIL: nptl/tst-tls1 on hppa
[25189] Don't use a custom wrapper macro around __has_include
[25203] libio: Disable vtable validation for pre-2.1 interposed handles
[25204] Ignore LD_PREFER_MAP_32BIT_EXEC for SUID programs
[25225] ld.so fails to link on x86 if GCC defaults to -fcf-protection
[25232] No const correctness for strchr et al. for Clang++
[25401] Remove incorrect alloc_size attribute from pvalloc
[25487] sinl() stack corruption from crafted input (CVE-2020-10029)
[25523] MIPS/Linux inline syscall template is miscompiled
[25635] arm: Wrong sysdep order selection for soft-fp
[25715] system() returns wrong errors when posix_spawn fails
[25810] x32: Incorrect syscall entries with pointer, off_t and size_t
[25896] Incorrect prctl
[25902] Bad LOADARGS_N
[25933] Off by one error in __strncmp_avx2
[25966] Incorrect access of __x86_shared_non_temporal_threshold for x32
[25976] nss_compat: internal_end*ent may clobber errno, hiding ERANGE
[27130] "rep movsb" performance issue
[27177] GLIBC_TUNABLES=glibc.cpu.x86_ibt=on:glibc.cpu.x86_shstk=on doesn't work